Microsoft and Europol have dismantled infrastructure supporting Amadey and StealC malware operations in Operation Endgame, a coordinated action targeting cybercriminal services and ransomware gangs.
The operation marks a significant enforcement action against two prolific malware families responsible for credential theft and data exfiltration across enterprises and consumers.
Amadey, a longstanding stealer malware, has infected hundreds of thousands of machines globally since its emergence. StealC, a newer competitor in the malware-as-a-service space, rapidly gained adoption among cybercriminals seeking to harvest login credentials and sensitive information.
Operation Endgame represents an escalating international effort to disrupt cybercriminal infrastructure. Microsoft and Europol coordinated with law enforcement agencies across multiple jurisdictions to target the command-and-control servers, hosting providers, and financial networks supporting these operations.
The action involved takedowns of malware distribution channels and disruption of criminal backend infrastructure. Authorities seized control of key systems and redirected traffic to prevent ongoing malware propagation.
Both malware families remain threats. The operation aims to raise operational costs for criminals and disrupt active campaigns, though threat actors typically migrate to alternative infrastructure.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about maximum severity vulnerabilities in Ubiquiti UniFi OS and Lantronix serial-to-ethernet servers that are being actively exploited by hackers.
Law enforcement budgets for investigating child exploitation are shrinking even as artificial intelligence floods the internet with illegal imagery, creating a widening gap between cases and resources.
Scammers are using artificial intelligence to create fraudulent auto loan documents, adding pressure to US lenders already struggling with delinquency rates at multiyear highs. The scheme exploits AI's ability to generate convincing forgeries at scale.
Security vulnerability disclosures are becoming routine rather than noteworthy events as organizations scale their disclosure practices. The shift reflects maturation in how the tech industry handles security issues.